Positive Technologies has discovered a vulnerability that allows attackers to obtain control of on-premises SonicWall Network Security Manager (NSM).
NSM is designed to centralize management of SonicWall firewalls and track threats and risks in network traffic. The latest IDC report said that SonicWall has been ranked fifth among manufacturers of hardware security tools.
This vulnerability called CVE-2021-20026 is rated as ‘High’ criticality and has a CVSSv3 score of 8.8. An attacker needs to be an authenticated user into SonicWall NSM before they can exploit the vulnerability, Positive Technologies said.
Cyber criminals can inject OS commands in a user request, giving them access to all features of the vulnerable on-premises SonicWall NSM platform and the underlying operating system. SonicWall patched the critical vulnerability in May 2021.
Nikita Abramov, Positive Technologies researcher said: “SonicWall NSM allows centralized management of hundreds of devices. Tampering with this system may negatively impact a company’s ability to work, to the point of full disruption of its protection system and stopping of business processes.”
“As with Cisco ASA, attackers could disable access to the company’s internal network by blocking VPN connections, or write new network traffic policies thus fully preventing its checks by a firewall.”
SonicWall PSIRT said: “Through collaboration with Positive Technologies, SonicWall validated and patched a post-authentication vulnerability within the on-premises version of the Network Security Manager (NSM) service.”
“This vulnerability only impacts on-premises deployments and not the more common SaaS version of the NSM service. Impacted SonicWall partners and customers were informed of the patch and were provided upgrade guidance in May 2021.”